user and group access restricted access suggestions
Hi,We have a system that requires often vendors to have local administrator access on the servers in the network.The scenario is as follow. Vendor A has local admin access to 10 servers, now and then...
View ArticleCreating Custom Active Directory Attributes
Hi,1 x windows 2012 r2 domain controllers (soone to be upgraded) and 2 x 2012 domain controllersI would like to add 6 custom attributes to both computer objects and user objects.I have never done this...
View Articleremoving and adding AD forest trust
our existing forest trust has issues. if the forest trust is recreated, what happens to the old user permission mapping across forest? For instance domain A user mapped to admin group on a server on...
View ArticleChange notification
I am at a customer site and they currently have this layout: In total there are 3 AD sites which map to their 3 physical locations. In AD Sites and Services, they have a Primary Site with 2 other sites...
View ArticleUnable to import objects using ldfide
Getting the below error when importing objects using: ldifdeAdd error on entry starting on line 1: Unwilling To Perform The server side error is: 0x209a Access to the attribute is not permitted because...
View ArticleProtected Groups in AD 2012
Hi,May I know the main use of protected groups in AD2012. Even though domain level delegation granted for a user account the same user cannot unlock the domain administrator.If the delegated user...
View ArticleGlobally unique identifiers
Why do I need to use GUID? Like why was the GUID introduced when SID and SID history was already present? If the purpose was to uniquely identify an object, couldn't SID and SID history be used? Can...
View ArticleWindows cannot query for the list of Group Policy objects
I have my session on a DC 2003 with account locked status and some of the error events generating as 1030/1058. Error:1030 Windows cannot query for the list of Group Policy objects. Check the event log...
View ArticleDomain Controller taking long time to login via Remote Session while another...
Dear All,we are facing a issue with our domain controller (windows 2012r2) when i was accessing the server via remote session its took long time to login after given credential and some time it got...
View ArticleSnapshot for Win2k12 domain controllers
Can we revert win2k12 domain controllers from snapshot when using vmware esx as hypervisor?
View ArticleSet password hash of users in AD LDS
We are migrating users from our custom database to an AD LDS (Windows Server 2016) instance. We would like to avoid password resets. It is possible to set the users' passwords to the same hash as the...
View ArticleNetlogon service stop or paused after reboot the active directory server.
please help me when we reboot the active directory server our net logon service paused or stop state please help me how it resolved .
View ArticleBest recommendation for Active Directory 2012R2 (Physical or Virtual)
We have Active Directory 2008R2 environment, we have 3 Domain controller server in at PCI zone. 2 AD (1 Physical + 1 VM) Server at PDC site and 1 AD (Physical) server at DR, as we all know server...
View ArticleForest functional level not compatible
I have a new 2012R2 Server that I have installed AD DS on which is also hosting the forest. I have an another Windows 2012R2 server that I am attaching to that existing forest and getting the following...
View ArticleRestrict the Admin account to unlock a single user account not more than two...
Dear Team, We need to restrict the Admin account to unlock a single user account not more than two times in a day.Is there any option or script available to achieve the same. Thanks Jijo Antony. K
View ArticleGlobal Catalog and Infrastructure Master is not placed on any of the DC
Hi All,In a forest, can we have a domain controller without Global Catalog and Infrastructure Master roles.If yes, could you please help me in detailed.Thanks,Sivakumar Thayumanavan
View ArticleThe second AD DC (windows 2016 server) constantly automatic restart
Hi,here is the situation.1. AD primary DC (windows 2012 R2) works well2. Windows 2016 works well after installation with the roles of AD, DNS ,DHCP without joining AD.3. Promote the windows 2016 to...
View ArticleNltest /dsregdns shows ERROR_NO_LOGON_SERVERS
Hi,3 domain controllers, 2 in site A, 1 in site BWe have replaced our domain controller in site B, so it is now running Windows Server 2016. All replication seems fine, and can not see anything...
View Articlehow to Connect AD LDS from java
I was trying to access AD LDS from java this is the code i writtenpublic static void test(){ Hashtable<String, String> ldapEnv = new Hashtable<String, String>(11);...
View ArticleReporting Tools
Guys, AD 2012 R2 on prem. looking for advice on the best reporting tool you guys have seen/used for AD.Basically, been looking for a framework to allow easy creation of reports and e-mail of same. I...
View Article